Implementing Policy Injection in ASP.NET Applications

Introduction

Policy Injection Block was introduced in Enterprise Library 3.0 and makes use of aspect oriented programming concepts to add, remove, and modify common cross cutting concerns in your ASP.NET applications such as logging, validation, caching, exception handling, authorization, etc, without the need of recompiling the application's code. This article takes a quick tour of the policy injection block and aspect oriented programming concepts and discusses how the former can be implemented in ASP.NET applications to manage cross cutting concerns efficiently.

Pre-requisites

To use Policy Injection Block with ASP.NET 4.0, you should have the following installed in your system:

Aspect Oriented Programming - What's that all about?

What is aspect oriented programming? AOP is a programming technique that you can use to implement cross cutting concerns in your application through the usage of policies to change the behavior of business objects and classes in your application. Such policies can be used to define and manage these cross cutting concerns declaratively. Note that aspect oriented programming is a new programming paradigm--not actually a replacement of object oriented programming. An aspect is simply a functionality, a feature or a cross cutting concern in an application. In essence, aspect oriented programming is a programming paradigm that compliments object oriented programming by allowing you to modify the static object model to design and implement a system that can be adaptable so as to accommodate future changes.

The Wikipedia states: "aspect-oriented programming (AOP) is a programming paradigm which isolates secondary or supporting functions from the main program's business logic. It aims to increase modularity by allowing the separation of cross-cutting concerns, forming a basis for aspect-oriented software development." Reference: http://en.wikipedia.org/wiki/Aspect-oriented_programming.

The policy injection application block from Microsoft is one such AOP framework. Some other popular AOP frameworks include: Spring.NET and Castle Dynamic Proxy.

What are Core and Cross Cutting Concerns?

Before we proceed with our discussion on the policy injection block, let's have a quick tour of a few basic concepts. What are concerns? A concern is basically a feature or a task implemented in an application. Tasks that are specific to the application are known as core concerns. You may think of tasks specific to an application like retrieving data from the database, performing some calculations or executing certain business rules as examples of core concerns of an application. On the contrary, the tasks that are common in the same application or across applications are commonly known as cross-cutting concerns. Typical examples of cross cutting concerns include: validation, logging, authorization, exception handling, transaction management and caching.

MSDN states: "concerns that implement the features of an object within the application, such as the business logic, are core concerns. Crosscutting concerns are the necessary tasks, features, or processes that are common across different objects--for example, logging, authorization, validation, and instrumentation. The purpose of the policy injection application block is to separate the core concerns and crosscutting concerns." Reference:

The Policy Injection Block - What is it and Why is it Needed?

The policy injection block from Microsoft is a flexible, extensible and easy to use framework that helps you to create policies to manage cross cutting concerns in your application effectively. In essence, the policy injection block facilitates simplifying and unifying the cross cutting concerns in your application and create policies to effectively manage them.

Why do we need the policy injection block anyway? Applications have a mix of core and cross cutting concerns. An application's business logic is an example of a core concern. Note that an application's business logic is contextual and hence cannot be reused most of the time. Cross cutting concerns in an application are reusable components that can be used across other layers of the same application or other applications. A clear isolation and good management of the core and cross cutting concerns of an application helps avoid duplicated and unmanageable code.

The policy injection block enables you to implement AOP functionality in your applications by intercepting method calls and then invoking handlers before and after those methods based on pre-defined configuration information. You can use the policy injection block to:

Create handlers for each of the cross cutting concerns that your application will use

Define the conditions where each cross cutting concern would apply

Define and manage behaviour of each of the cross cutting concerns through configuration

The policy injection block includes a collection of the following:

Handlers

Attributes

Matching Rules

The Matching Rules are used to indicate the methods that need to be intercepted and the handlers are used to specify what should happen before or after a method interception occurs.

The policy injection block includes the following set of built-in matching rules that can be used to select the classes to which a handler pipeline would be associated:

AssemblyMatchingRule

CustomAttributeMatchingRule

MemberNameMatchingRule

MethodSignatureMatchingRule

NamespaceMatchingRule

ParameterTypeMatchingRule

PropertyMatchingRule

ReturnTypeMatchingRule

TagAttributeMatchingRule

TypeMatchingRule

Each policy can have one or more handlers. You have the following set of built-in handlers that you can use to the handler pipeline:

Authorization Handler

Caching Handler

Exception Handling Handler

Logging Handler

Performance Counters Handler

Validation Handler

The Policy configuration information can be stored in your application's configuration in the format shown in the code snippet below:

Now suppose when the GetCustomerName(String) method is called, we would intercept the call and log the information. To do this, we need to use TagMatching rule. This implies that we would need to add a tag to the GetCustomerName(String) method. The updates ICustomer interface would now look like as shown below:

The next step is to define a policy in the application's configuration file so that the call to the method having the [Tag("LogMethod")] is intercepted and the information logged using the Logging Application Block. Here's how the policy injection configuration would now look like:

The call to this method would then be logged appropriately as defined in the logging provider of the logging application block.

Summary

The policy injection block allows you to declaratively define and manage the cross cutting concerns in your application. It allows you to specify the cross cutting concerns in an application in terms of policies. You can use the policy injection block to log method invocations, cache results from a method, analyze the performance of a method, handle and log exceptions, validate method parameters, etc. This article provided the readers a head start to the concepts of Aspect Oriented Programming and policy injection block and strategies to implement them in your ASP.NET applications. Happy reading!

Suggested Readings

Here are a few good links to resources on this topic for further study on this topic:

Top White Papers and Webcasts

When individual departments procure cloud service for their own use, they usually don't consider the hazardous organization-wide implications. Read this paper to learn best practices for setting up an internal, IT-based cloud brokerage function that service the entire organization. Find out how this approach enables you to retain top-down visibility and control of network security and manage the impact of cloud traffic on your WAN.

U.S. companies are desperately trying to recruit and hire skilled software engineers and developers, but there is simply not enough quality talent to go around. Tiempo Development is a nearshore software development company. Our headquarters are in AZ, but we are a pioneer and leader in outsourcing to Mexico, based on our three software development centers there. We have a proven process and we are experts at providing our customers with powerful solutions. We transform ideas into reality.